Certificate
$ rpki-client -vvf rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JCmj7lCI89RTcqjjs2g0x16ubSk.cer
File: JCmj7lCI89RTcqjjs2g0x16ubSk.cer (raw, json)
Hash identifier: X7pCYs0iXkRMiHlnWstptbf5aDNQoUeOnhNC7tl8x4U=
Subject key identifier: 24:29:A3:EE:50:88:F3:D4:53:72:A8:E3:B3:68:34:C7:5E:AE:6D:29
Authority key identifier: 0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
Certificate issuer: /CN=A90DC5BE/serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Certificate serial: 0252AE
Authority info access: rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
Manifest: rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.mft
caRepository: rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/
Notify URL: https://rrdp.apnic.net/notification.xml
Certificate not before: Wed 02 Jul 2025 12:54:33 +0000
Certificate not after: Wed 30 Sep 2026 00:00:00 +0000
Subordinate resources: AS: 134233
IP: 45.120.4.0/22
IP: 103.60.64.0/22
Validation: OK
Signature path: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Sun 27 Jul 2025 09:30:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 152238 (0x252ae)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A90DC5BE, serialNumber=0E65A4F5FD36B5BD68EB3C923408978C907AA79F
Validity
Not Before: Jul 2 12:54:33 2025 GMT
Not After : Sep 30 00:00:00 2026 GMT
Subject: CN=A91EE96E, serialNumber=2429A3EE5088F3D45372A8E3B36834C75EAE6D29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e5:41:1f:40:33:c8:ee:7d:13:1e:74:24:3c:
34:36:3f:5b:f8:d6:df:ab:c7:dc:65:b8:7b:4a:5e:
f8:93:b9:4d:c8:c7:05:d0:f7:f5:7f:7c:c9:76:90:
14:7c:f6:09:b2:a1:4f:d6:12:64:c8:63:1c:dc:c3:
26:41:8d:18:b2:94:d6:7c:89:df:89:f5:e8:40:1c:
84:7a:e3:f7:39:2b:8d:1b:46:ae:20:c0:55:a2:80:
00:fe:ed:da:71:b6:85:e2:09:59:83:44:0a:f9:85:
d2:be:d7:8d:5b:0f:81:e3:ac:6e:37:d7:ad:1c:7a:
be:0f:1f:95:d6:bd:08:ee:71:b0:96:b7:5a:fa:09:
96:8c:c3:4d:c9:35:e6:25:82:1e:84:c5:31:fe:a8:
6a:20:31:2c:06:60:53:50:93:01:18:73:b6:26:7d:
6f:8a:60:58:d3:61:cf:25:cb:79:3e:f8:51:14:69:
9c:de:c9:42:2d:78:e7:2f:12:e5:0d:1a:6d:0e:f1:
aa:6f:b8:08:9c:92:eb:5b:41:e0:e2:19:99:34:ed:
e8:6b:f6:04:c4:73:aa:3e:fa:0c:22:68:42:80:84:
22:61:77:fb:12:d9:23:2f:fd:43:6c:e3:f2:b6:2e:
e2:13:80:87:d9:86:02:b0:2f:9d:79:84:6e:ad:8c:
15:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:29:A3:EE:50:88:F3:D4:53:72:A8:E3:B3:68:34:C7:5E:AE:6D:29
X509v3 Authority Key Identifier:
keyid:0E:65:A4:F5:FD:36:B5:BD:68:EB:3C:92:34:08:97:8C:90:7A:A7:9F
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.apnic.net/RPKI/CPS.pdf
Subject Information Access:
CA Repository - URI:rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/
RPKI Manifest - URI:rsync://rpki.apnic.net/member_repository/A91EE96E/23D2F16EEC2111EFA355605FC4F9AE02/JCmj7lCI89RTcqjjs2g0x16ubSk.mft
RPKI Notify - URI:https://rrdp.apnic.net/notification.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
134233
sbgp-ipAddrBlock: critical
IPv4:
45.120.4.0/22
103.60.64.0/22
Signature Algorithm: sha256WithRSAEncryption
9d:7d:0a:6b:28:75:88:c5:db:21:33:56:a1:77:f2:cf:4f:4c:
99:94:7b:51:1d:93:6a:d8:58:4b:1e:1b:4e:a4:ba:01:af:86:
3e:55:f7:76:d9:4f:c2:e1:23:9e:5a:40:55:6a:b0:3c:38:72:
c4:24:f8:2b:80:d4:4a:7a:2d:3a:c8:b9:d9:3a:b0:62:06:4f:
6d:ae:c1:2a:8e:78:3f:15:0c:3d:e6:3a:1d:4b:94:06:32:d3:
c1:0b:70:10:15:29:76:cd:9f:a1:a3:b2:2e:49:6f:6d:e2:2f:
c8:24:bb:91:0b:40:f2:36:0e:a3:f4:b7:89:21:7f:c3:01:a8:
4f:28:24:56:dc:1e:46:f3:13:4b:af:1a:68:80:d5:b5:32:dc:
98:30:24:1f:34:59:6f:99:e5:c1:71:ec:17:59:1f:88:71:8c:
fe:2b:47:0a:6c:6c:40:de:cf:37:66:b2:e7:b0:e0:2f:f7:93:
0d:8b:bb:06:e5:be:6d:b6:28:7d:10:61:cd:8a:42:14:e8:45:
8f:85:b1:b5:67:e8:69:6c:7a:b2:13:05:e6:54:d9:89:a5:e9:
c1:16:24:4a:3d:53:68:45:77:1a:69:6c:56:d7:6b:7b:9f:5c:
0a:4b:7a:b4:7f:07:8a:20:e2:bf:ce:9e:f2:ef:db:5b:46:c9:
0f:e0:f7:37
-----BEGIN CERTIFICATE-----
MIIGIDCCBQigAwIBAgIDAlKuMA0GCSqGSIb3DQEBCwUAMEYxETAPBgNVBAMTCEE5
MERDNUJFMTEwLwYDVQQFEygwRTY1QTRGNUZEMzZCNUJENjhFQjNDOTIzNDA4OTc4
QzkwN0FBNzlGMB4XDTI1MDcwMjEyNTQzM1oXDTI2MDkzMDAwMDAwMFowRjERMA8G
A1UEAxMIQTkxRUU5NkUxMTAvBgNVBAUTKDI0MjlBM0VFNTA4OEYzRDQ1MzcyQThF
M0IzNjgzNEM3NUVBRTZEMjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
AQDN5UEfQDPI7n0THnQkPDQ2P1v41t+rx9xluHtKXviTuU3IxwXQ9/V/fMl2kBR8
9gmyoU/WEmTIYxzcwyZBjRiylNZ8id+J9ehAHIR64/c5K40bRq4gwFWigAD+7dpx
toXiCVmDRAr5hdK+141bD4HjrG43160cer4PH5XWvQjucbCWt1r6CZaMw03JNeYl
gh6ExTH+qGogMSwGYFNQkwEYc7YmfW+KYFjTYc8ly3k++FEUaZzeyUIteOcvEuUN
Gm0O8apvuAickutbQeDiGZk07ehr9gTEc6o++gwiaEKAhCJhd/sS2SMv/UNs4/K2
LuITgIfZhgKwL515hG6tjBWJAgMBAAGjggMVMIIDETAdBgNVHQ4EFgQUJCmj7lCI
89RTcqjjs2g0x16ubSkwHwYDVR0jBBgwFoAUDmWk9f02tb1o6zySNAiXjJB6p58w
DgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wcwYDVR0fBGwwajBooGag
ZIZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2
NjExRTJCQjQ2OEY3QzcyRkQxRkYyL0RtV2s5ZjAydGIxbzZ6eVNOQWlYakpCNnA1
OC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku
YXBuaWMubmV0L3JlcG9zaXRvcnkvOTgwNjUyRTBCNzdFMTFFN0E5NkEzOTUyMUE0
RjRGQjQvRG1XazlmMDJ0YjFvNnp5U05BaVhqSkI2cDU4LmNlcjBKBgNVHSABAf8E
QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj
Lm5ldC9SUEtJL0NQUy5wZGYwggEoBggrBgEFBQcBCwSCARowggEWMF8GCCsGAQUF
BzAFhlNyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5
MUVFOTZFLzIzRDJGMTZFRUMyMTExRUZBMzU1NjA1RkM0RjlBRTAyLzB+BggrBgEF
BQcwCoZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9B
OTFFRTk2RS8yM0QyRjE2RUVDMjExMUVGQTM1NTYwNUZDNEY5QUUwMi9KQ21qN2xD
STg5UlRjcWpqczJnMHgxNnViU2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3Jy
ZHAuYXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwGgYIKwYBBQUHAQgBAf8ECzAJ
oAcwBQIDAgxZMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCLXgEAwQCZzxA
MA0GCSqGSIb3DQEBCwUAA4IBAQCdfQprKHWIxdshM1ahd/LPT0yZlHtRHZNq2FhL
HhtOpLoBr4Y+Vfd22U/C4SOeWkBVarA8OHLEJPgrgNRKei06yLnZOrBiBk9trsEq
jng/FQw95jodS5QGMtPBC3AQFSl2zZ+ho7IuSW9t4i/IJLuRC0DyNg6j9LeJIX/D
AahPKCRW3B5G8xNLrxpogNW1MtyYMCQfNFlvmeXBcewXWR+IcYz+K0cKbGxA3s83
ZrLnsOAv95MNi7sG5b5ttih9EGHNikIU6EWPhbG1Z+hpbHqyEwXmVNmJpenBFiRK
PVNoRXcaaWxW12t7n1wKS3q0fweKIOK/zp7y79tbRskP4Pc3
-----END CERTIFICATE-----
Generated at Sun Jul 20 13:04:02 2025 by rpki-client